The Imperva team is closing out 2019 with a series on the cybersecurity trends we predict will shape the landscape in 2020. Last week, Imperva CTO Kunal Anand mined insights from our global customer base and our research team, Imperva Research Labs, to come up with his top five list of cybersecurity trends. This week, we’re digging deeper into his #1 cybersecurity trend for 2020 – cloud transformation.
Nearly three-quarters of businesses are running a hybrid and/or multi-cloud strategy today, according to Forrester Research. Imperva has found that many organizations are moving compute to the cloud quite rapidly, but are not necessarily ready to move their data.
“Maybe because they’re not there yet in the journey,” says Anand. “But I think there’s another element to this… I think a lot of organizations aren’t really understanding what security mechanisms and capabilities they need when they make that migration.”
To help companies execute their cloud transformation while maintaining security and compliance, Imperva developed the report, “Keys to Securing a Successful Cloud Migration.” In it, our cybersecurity experts identify three key elements every enterprise IT and security leader should know to ensure secure and compliant cloud migrations. They are:
1. Standardize security practices across your cloud, hybrid, and multi-cloud assets.
The environment sometimes dictates your security tools. But when you have a choice, it can be quicker to achieve standardized controls through a comprehensive solution, as long as the footprint is broad enough. This way, you can achieve a single pane of glass that enables complete visibility across your enterprise.
2. Use modern security platforms built for the cloud automation era.
Today’s cloud-enabled enterprises strive to be agile, collaborative, highly automated, and efficient. Manually moving workloads and technologies to the cloud is a step backwards: it is slow, labor-intensive, and error-prone. That can ultimately lead to more security vulnerabilities, as well as wasted time and money. That’s why modern enterprises are rebuilding or refactoring business applications on microservices and cloud technology.
3. Use Defense-in-Depth to protect APIs, applications and data, wherever they reside.
If not executed securely, migrating to the cloud can cause your organization’s threat surface to balloon, exposing you to a potential explosion of attacks and leading to breaches whose financial damage outweighs all of your cloud-earned gains. To stay ahead of threats while protecting cloud migration, you need a multi-layered security architecture that provides automatic defense-in-depth.
Read more about the three key elements and how to execute them in the full report here.
Many companies are not only running in a hybrid on-prem/in-cloud environment, but also choose to use multiple clouds. This creates additional layers of complexity that make consistent compliance and security practices more challenging. Without strong, standardized controls and best practices everywhere, your business is neither secure nor compliant. You don’t want to protect against a threat in your legacy on-prem systems while leaving it undefended in a cloud environment.
A good case study for eliminating complexity by deploying a full-stack security solution that protects apps and data on-prem and in the cloud(s) comes from DigiCert, provider of the identity and encryption solutions that are used by most Fortune 500 companies, especially in the banking sector.
DigiCert was already using Imperva’s WAF Gateway to protect many of its on-premises applications when it first began migrating workloads to Amazon Web Services (AWS). At the time, they were using another vendor for DDoS mitigation on AWS.
To eliminate management complexity and increase defense-in-depth capabilities, DigiCert wanted a solution from a single provider that delivered both WAF protection and DDoS mitigation across their entire hybrid environment. By expanding their usage of Imperva, DigiCert was able to extend protection to AWS and maintain their security posture both during and after migration.
Learn more about how DigiCert automates protection of their AWS environment with Imperva here.
Lessons Learned the Hard Way
We learned some hard lessons about securing cloud migration this past year. On August 27, 2019, Imperva announced a security incident that affected a subset of our cloud WAF customers.
We know that no organization is immune to security incidents, just as we know that no company wants to be the next victim. We deeply regret the incident, but we’re proud that our incident response was swift and transparent. In the spirit of further transparency, here are some key lessons we learned that can benefit any organization:
- Build and maintain a plan for rapid, transparent, and honest communication with your customers and stakeholders, should an incident occur.
- Ensure you have security incident workflows and processes adapted to your hybrid cloud environment.
- Tighten all security access controls and ensure careful planning, documentation, and a thorough security assessment of every step of your migration process.
To learn more about the incident, our investigation and remediation, and a detailed analysis of what we learned, read Anand’s blog here.
Cloud migration is the first of five security trends we’re highlighting through the new year in a series we call Take on 2020 with Vision. To follow the series, subscribe to the Imperva blog here or follow #ImpervaPredicts on LinkedIn, Twitter, or Facebook.